API helper classes

src/Middleware/Authorization.php

@@ -0,0 +1,30 @@
+<?php
+namespace ProVM\Middleware;
+
+use Psr\Http\Message\ResponseFactoryInterface;
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Server\RequestHandlerInterface;
+use Psr\Log\LoggerInterface;
+use ProVM\Exception\Authorization\MissingToken;
+use ProVM\Service;
+
+class Authorization
+{
+    public function __construct(protected ResponseFactoryInterface $responseFactory,
+                                protected Service\Authorization $authorizationService,
+                                protected LoggerInterface $logger) {}
+
+    public function __invoke(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
+    {
+        try {
+            if (!$this->authorizationService->isAuthorized($request)) {
+                return $this->responseFactory->createResponse(403); // Forbidden
+            }
+        } catch (MissingToken $exception) {
+            $this->logger->alert($exception, ['request' => $request]);
+            return $this->responseFactory->createResponse(401); // Unathorized
+        }
+        return $handler->handle($request);
+    }
+}